3 # Author: Alex Leigh <leigh at alexleigh dot me>
6 #GOOGLEDOMAINS_ACCESS_TOKEN="xxxx"
7 #GOOGLEDOMAINS_ZONE="xxxx"
8 GOOGLEDOMAINS_API
="https://acmedns.googleapis.com/v1/acmeChallengeSets"
10 ######## Public functions ########
12 #Usage: dns_googledomains_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
13 dns_googledomains_add
() {
17 _info
"Invoking Google Domains ACME DNS API."
19 if ! _dns_googledomains_setup
; then
23 zone
="$(_dns_googledomains_get_zone "$fulldomain")"
24 if [ -z "$zone" ]; then
25 _err
"Could not find a Google Domains-managed zone containing the requested domain."
30 _debug txtvalue
"$txtvalue"
32 _info
"Adding TXT record for $fulldomain."
33 if _dns_googledomains_api
"$zone" ":rotateChallenges" "{\"accessToken\":\"$GOOGLEDOMAINS_ACCESS_TOKEN\",\"recordsToAdd\":[{\"fqdn\":\"$fulldomain\",\"digest\":\"$txtvalue\"}],\"keepExpiredRecords\":true}"; then
34 if _contains
"$response" "$txtvalue"; then
35 _info
"TXT record added."
38 _err
"Error adding TXT record."
43 _err
"Error adding TXT record."
47 #Usage: dns_googledomains_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
48 dns_googledomains_rm
() {
52 _info
"Invoking Google Domains ACME DNS API."
54 if ! _dns_googledomains_setup
; then
58 zone
="$(_dns_googledomains_get_zone "$fulldomain")"
59 if [ -z "$zone" ]; then
60 _err
"Could not find a Google Domains-managed domain based on request."
65 _debug txtvalue
"$txtvalue"
67 _info
"Removing TXT record for $fulldomain."
68 if _dns_googledomains_api
"$zone" ":rotateChallenges" "{\"accessToken\":\"$GOOGLEDOMAINS_ACCESS_TOKEN\",\"recordsToRemove\":[{\"fqdn\":\"$fulldomain\",\"digest\":\"$txtvalue\"}],\"keepExpiredRecords\":true}"; then
69 if _contains
"$response" "$txtvalue"; then
70 _err
"Error removing TXT record."
73 _info
"TXT record removed."
78 _err
"Error removing TXT record."
82 ######## Private functions ########
84 _dns_googledomains_setup
() {
85 if [ -n "$GOOGLEDOMAINS_SETUP_COMPLETED" ]; then
89 GOOGLEDOMAINS_ACCESS_TOKEN
="${GOOGLEDOMAINS_ACCESS_TOKEN:-$(_readaccountconf_mutable GOOGLEDOMAINS_ACCESS_TOKEN)}"
90 GOOGLEDOMAINS_ZONE
="${GOOGLEDOMAINS_ZONE:-$(_readaccountconf_mutable GOOGLEDOMAINS_ZONE)}"
92 if [ -z "$GOOGLEDOMAINS_ACCESS_TOKEN" ]; then
93 GOOGLEDOMAINS_ACCESS_TOKEN
=""
94 _err
"Google Domains access token was not specified."
95 _err
"Please visit Google Domains Security settings to provision an ACME DNS API access token."
99 if [ "$GOOGLEDOMAINS_ZONE" ]; then
100 _savedomainconf GOOGLEDOMAINS_ACCESS_TOKEN
"$GOOGLEDOMAINS_ACCESS_TOKEN"
101 _savedomainconf GOOGLEDOMAINS_ZONE
"$GOOGLEDOMAINS_ZONE"
103 _saveaccountconf_mutable GOOGLEDOMAINS_ACCESS_TOKEN
"$GOOGLEDOMAINS_ACCESS_TOKEN"
104 _clearaccountconf_mutable GOOGLEDOMAINS_ZONE
105 _clearaccountconf GOOGLEDOMAINS_ZONE
108 _debug GOOGLEDOMAINS_ACCESS_TOKEN
"$GOOGLEDOMAINS_ACCESS_TOKEN"
109 _debug GOOGLEDOMAINS_ZONE
"$GOOGLEDOMAINS_ZONE"
111 GOOGLEDOMAINS_SETUP_COMPLETED
=1
115 _dns_googledomains_get_zone
() {
118 # Use zone directly if provided
119 if [ "$GOOGLEDOMAINS_ZONE" ]; then
120 if ! _dns_googledomains_api
"$GOOGLEDOMAINS_ZONE"; then
124 echo "$GOOGLEDOMAINS_ZONE"
130 curr
=$
(printf "%s" "$domain" | cut
-d .
-f $i-100)
133 if [ -z "$curr" ]; then
137 if _dns_googledomains_api
"$curr"; then
148 _dns_googledomains_api
() {
153 if [ -z "$data" ]; then
154 response
="$(_get "$GOOGLEDOMAINS_API/$zone$apimethod")"
157 export _H1
="Content-Type: application/json"
158 response
="$(_post "$data" "$GOOGLEDOMAINS_API/$zone$apimethod")"
161 _debug response
"$response"
163 if [ "$?" != "0" ]; then
168 if _contains
"$response" "\"error\": {"; then